KeePass WebDAV with TLS 1.0

1 minute read

KeePass 2.x only supports SSL 3 and TLS 1.0. As I don’t want to enable TLS 1.0 for my websites, I couldn’t use KeePass with WebDAV.

I’ve opened a bug report for this problem.

Simple workaround

Recently I thought of a solution for this problem: I simply created a virtual host on a different port so I could enable TLS 1.0 just on that port.

Fixing the code yourself

Another solution would be building KeePass yourself. This requires a bit of programming language, but I’ll explain:

  • Download the latest KeePass source
  • Open the solution using Visual Studio
  • Set the target framework for each project in the solution to .NET 4.5 (this is the first version that supports TLS 1.1 and TLS 1.2):
    • Right click on the project in the solution explorer and choose Properties
    • Under Target framework: choose .NET Framework 4.5
    • Click Yes in the dialog that shows up
  • Open KeePassLib\Serialization\IOConnection.cs using the solution explorer
  • Find the method PrepareWebAccess
  • Add the following line to the method:
    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12 | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls;
  • Change Debug to Release in the toolbar at the top
  • Open the Build menu and choose Build Solution

Now you have KeePass with TLS 1.1 and TLS 1.2 support. The executable is located in the Build\KeePass\Release directory in the source code directory.


Leave a comment